Alan Orth
ba3004ef2b
We haven't actually used rc.local since Ubuntu 16.04. Now anything that we need to run at boot we can do with systemd anyways.
55 lines
1.6 KiB
YAML
55 lines
1.6 KiB
YAML
---
|
|
- name: Import OS-specific variables
|
|
include_vars: "vars/{{ ansible_distribution }}.yml"
|
|
tags: always
|
|
|
|
- name: Configure network time
|
|
import_tasks: ntp.yml
|
|
tags: ntp
|
|
|
|
- name: Install common packages
|
|
include_tasks: packages_Debian.yml
|
|
when: ansible_distribution == 'Debian'
|
|
tags: packages
|
|
|
|
- name: Install common packages
|
|
include_tasks: packages_Ubuntu.yml
|
|
when: ansible_distribution == 'Ubuntu'
|
|
tags: packages
|
|
|
|
- name: Configure firewall
|
|
include_tasks: firewall_Debian.yml
|
|
when: ansible_distribution == 'Debian'
|
|
tags: firewall
|
|
|
|
- name: Configure firewall
|
|
include_tasks: firewall_Ubuntu.yml
|
|
when: ansible_distribution == 'Ubuntu'
|
|
tags: firewall
|
|
|
|
- name: Configure secure shell daemon
|
|
import_tasks: sshd.yml
|
|
tags: sshd
|
|
|
|
# containers identify as virtualization hosts, which makes this tricky, because we have actual Debian VM hosts!
|
|
- name: Reconfigure /etc/sysctl.conf
|
|
when: ansible_virtualization_role != 'host'
|
|
template: src=sysctl_{{ ansible_distribution }}.j2 dest=/etc/sysctl.conf owner=root group=root mode=0644
|
|
notify:
|
|
- reload sysctl
|
|
tags: sysctl
|
|
|
|
- name: Reconfigure /etc/rc.local
|
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('18.04', '<=')
|
|
template: src=rc.local_Ubuntu.j2 dest=/etc/rc.local owner=root group=root mode=0755
|
|
|
|
- name: Set I/O scheduler
|
|
template: src=etc/udev/rules.d/60-scheduler.rules.j2 dest=/etc/udev/rules.d/60-scheduler.rules owner=root group=root mode=0644
|
|
tags: udev
|
|
|
|
- name: Copy admin SSH keys
|
|
import_tasks: ssh-keys.yml
|
|
tags: ssh-keys
|
|
|
|
# vim: set sw=2 ts=2:
|